Posted in Other 30+ days ago.
Type: Full Time
We have an opening for you to grow with us in Lodi, CA, Oakland, CA or Greater Sacramento, CA. This critical role will be within the Information Security and Risk Management organization, responsible for executing and managing multi-faceted projects related to information security and risk management. This role will be focused on conducting Cyber Security and Third Party Risk Assessments using the FAIR methodology. Additional duties will include assessment and review of policies, standards, procedures, exceptions and deviations ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization. This individual will provide expertise and assistance to all IT projects to ensure the company's infrastructure and information assets are protected.
In your role you will help the company grow our business and build on our success by:
* Understanding and influencing departmental vision and mission.
* Responsible for conducting Cyber Security and Third Party Risk assessments
that include security policies, standards, and controls management process
including regular assessment process reviews and updates of the process
flow narrative.
* Lead and engage with the business to identify risks and lead the
implementation of risk mitigation plans to address cyber and third party risks.
* Support Risk Management tools, techniques, and procedures to enhance risk
management capabilities throughout the company.
* Enhance and /or support the IT Risk register that will include testing,
continuous risk assessment monitoring, control execution and artifacts
collection, audit engagements, and real time dashboard and reporting.
* Works to achieve strategic and operational targets with significant impact on
the Information Security and Risk Management results.
* Implements strategic goals established by Information Security and Risk
Management leadership.
* Responsible for entire projects / programs or processes as Industry
knowledgeable lead within Information Security Risk Management.
* Responsible for providing security guidance, coaching and training to other
employees across the company across a broad area of expertise.
* Providing metrics for the cyber security risk management dashboard
reporting.
* Assess and manage IT technical controls through tools that identify risks for
all major operating systems and identify exceptions to configuration standards
that increase Risk exposure.
* Other duties as assigned.
* 5 plus years experience in conducting Cyber Security and/or Third Party Risk
assessments.
* Knowledge and experience with various Information Security governance and
control frameworks (NIST, HiTrust, PCI-DSS, etc.).
* Familiarity with security regulations in compliance legislation and other
directives including HIPPA, SOC 1, SOC 2, PCI, Sarbanes-Oxley, ISO 27001
is a plus.
* Strong communications skills and effective IT Security policy writing
experience is required.
* Familiarity with information security governance, risk and compliance tool
such as ServiceNow and Archer is a plus.
Additional Experience:
* Breakdown raw information and undefined problems into specific, workable
components that in-turn clearly identifies the issues and risks.
* Make logical conclusions, anticipates obstacles and considers different
approaches that are relevant to the decision-making process.
* Improve organizational performance though the application of original thinking
to existing and emerging methods, processes, products and services.
* Employ sound judgment in determining how innovations will be deployed to
produce return on investment.
* Identify, document, and monitor key business processes needed to achieve
successful business results. Map and document processes while developing
framework for process improvement.
* Identify and act upon opportunities for continuous improvement.
* Encourage prudent risk-taking, exploration of alternative approaches, and
organizational learning.
* Demonstrate personal commitment to change through actions and words,
and mobilize others to support change through times of stress and
uncertainty.
* Achieve desired results by taking a systematic approach to work and by
following defined work processes.
* CISA, CISSP, CRISC preferred
Education:
* Bachelor's degree in Computer Science, Business or other related field, or
related work experience.
Additional Information
- Our Company: At Blue Shield of California we are parents, leader, students, visionaries, heroes, and providers. Everyday we come together striving to fulfill our mission, to ensure all Californians have access to high-quality health care at a sustainably affordable price. For more than 80 years, Blue Shield of California has been dedicated to transforming health care by making it more accessible, cost-effective, and customer-centric. We are a not-for-profit, independent member of the Blue Cross Blue Shield Association with 6,800 employees, more than $20 billion in annual revenue and 4.3 million members. The company has contributed more than $500 million to Blue Shield of California Foundation since 2002 to have a positive impact on California communities. Blue Shield of California is headquartered in Oakland, California with 18 additional locations including Sacramento, Los Angeles, and San Diego. We're excited to share Blue Shield of California has received awards and recognition for - LGBT diversity, quality improvement, most influential women in corporate America, Bay Area's top companies in volunteering & giving, and one of the world's most ethical companies. Here at Blue Shield of California, we're striving to make a positive change across our industry and the communities we live in - Join us!
- Physical Requirements:
Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.
- Equal Employment Opportunity: External hires must pass a background check/drug screen. Qualified applicants with arrest records and/or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws.
- Requisition ID: 20002CQ
- Posting Date: Oct 26, 2020
- Schedule: Full-time
.
|
Wells Fargo |
|
PATH ARC |
|
Montrose Environmental Group Inc. |